home

zillya.exe

Zillya Antivirus

ALLIT Service, LLC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Antivirus’.
Publisher:
ALLIT Service, LLC.  (signed and verified)

Product:
Zillya Antivirus

Version:
1,1,2942,0

MD5:
e346445d3e57e1e43842850ce80c25e3

SHA-1:
6fa5d4df50f403641de996bf957fdeb016f897ed

SHA-256:
9bb0909b52bf2e9c54a656a4a9aa251a2cf3b098438a92c3f0db9c3d5cedd53a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 6:19:49 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Patched.Y.gen
4.6.5.141

File size:
1.9 MB (2,008,384 bytes)

Product version:
1,1,2942,0

Copyright:
(c) 2009 - 2010 ALLIT Service, LLC. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\zillya antivirus\zillya.exe

Digital Signature
Signed by:
ALLIT Service, LLC.

Authority:
VeriSign, Inc.

Valid from:
3/26/2010 1:00:00 AM

Valid to:
3/27/2011 12:59:59 AM

Subject:
CN="ALLIT Service, LLC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ALLIT Service, LLC.", L=Kyiv, S=Kyivska, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3A8B218626196C9BA07195B44F2843F7

File PE Metadata
Compilation timestamp:
9/14/2010 10:39:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:LB9y0qzMhAM/tFyczajXJfGY5FwwwwdH8F:L9qzMfIczCwwwwdHM

Entry address:
0xF8372

Entry point:
C3, C3, C3, C3, C3, C3, C3, C3, FF, FF, FF, 25, E0, 6E, 52, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 08, 6F, 52, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 53, 57, 33, FF, 8B, 44, 24, 10, 0B, C0, 7D, 14, 47, 8B, 54, 24, 0C, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 10, 89, 54, 24, 0C, 8B, 44, 24, 18, 0B, C0, 7D, 13, 8B, 54, 24, 14, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 18, 89, 54, 24, 14, 0B, C0, 75, 1B, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, 44, 24, 0C, F7, F1, 8B...
 
[+]

Code size:
1.1 MB (1,200,128 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Antivirus

Command:
"C:\Program Files\zillya antivirus\zillya.exe" \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.